Package com.inrupt.client.openid

Class OpenIdSession

  • All Implemented Interfaces:
    Session
    public final class OpenIdSession
extends Object
implements Session
    A session implementation for use with OpenID Connect ID Tokens.

    • Field Detail

      • ID_TOKEN

        public static final URI ID_TOKEN

    • Method Detail

      • ofIdToken

        public static Session ofIdToken​(String idToken)
        Create a session from an ID token, using the default validation rules.
        Parameters:
        idToken - the ID Token
        Returns:
        the session

      • ofIdToken

        public static Session ofIdToken​(String idToken,
                                OpenIdConfig config)
        Create a session from an ID token, using a specific validation configuration.
        Parameters:
        idToken - the ID Token
        config - the validation configuration
        Returns:
        the session

      • ofClientCredentials

        public static Session ofClientCredentials​(URI issuer,
                                          String clientId,
                                          String clientSecret,
                                          String authMethod)
        Create a session using OAuth2 client credentials.
        Parameters:
        issuer - the OpenID Provider URL
        clientId - the client id value
        clientSecret - the client secret value
        authMethod - the authentication mechanism (e.g. client_secret_post or client_secret_basic)
        Returns:
        the session

      • ofClientCredentials

        public static Session ofClientCredentials​(OpenIdProvider provider,
                                          String clientId,
                                          String clientSecret,
                                          String authMethod,
                                          OpenIdConfig config)
        Create a session using OAuth2 client credentials.
        Parameters:
        provider - an OpenID Provider instance
        clientId - the client id value
        clientSecret - the client secret value
        authMethod - the authentication mechanism (e.g. client_secret_post or client_secret_basic)
        config - the ID token verification config
        Returns:
        the session

      • getId

        public String getId()
        Description copied from interface: Session
        Retrieve the identifier associated with this session.
        Specified by:
        getId in interface Session
        Returns:
        a session identifier

      • getPrincipal

        public Optional<URI> getPrincipal()
        Description copied from interface: Session
        Retrieve the principal associated with this session.

        Typically, this will be a WebID or other globally unique value

        Specified by:
        getPrincipal in interface Session
        Returns:
        the principal identifier, if present

      • supportedSchemes

        public Set<String> supportedSchemes()
        Description copied from interface: Session
        Retrieve the authentication schemes supported by this session.
        Specified by:
        supportedSchemes in interface Session
        Returns:
        the scheme identifiers

      • getCredential

        public Optional<Credential> getCredential​(URI name,
                                          URI uri)
        Description copied from interface: Session
        Retrieve a credential from this session.
        Specified by:
        getCredential in interface Session
        Parameters:
        name - the credential name
        uri - the request URI
        Returns:
        the credential, if present

      • selectThumbprint

        public Optional<String> selectThumbprint​(Collection<String> algorithms)
        Description copied from interface: Session
        Select the thumbprint from a set of candidate algorithms.
        Specified by:
        selectThumbprint in interface Session
        Parameters:
        algorithms - the supported algorithms
        Returns:
        the keypair thumbprint

      • generateProof

        public Optional<String> generateProof​(String jkt,
                                      Request request)
        Description copied from interface: Session
        Generate a proof for a request.
        Specified by:
        generateProof in interface Session
        Parameters:
        jkt - the JSON Key thumbprint for the proof key
        request - the request
        Returns:
        a proof token

      • fromCache

        public Optional<Credential> fromCache​(Request request)
        Description copied from interface: Session
        Retrieve an access token for a request from a cache.
        Specified by:
        fromCache in interface Session
        Parameters:
        request - the HTTP request
        Returns:
        the access token, if present

      • authenticate

        public CompletionStage<Optional<Credential>> authenticate​(Request request,
                                                          Set<String> algorithms)
        Description copied from interface: Session
        Fetch an authentication token from session values.
        Specified by:
        authenticate in interface Session
        Parameters:
        request - the HTTP request
        algorithms - the supported DPoP algorithms
        Returns:
        the next stage of completion, containing an access token, if present